AIMS Overview

Analysis. Answers. Action.

www.aphl.org

APHL Informatics Messaging Services (AIMS)Overview | December 2015

Analysis. Answers. Action. www.aphl.org

Background


APHL Informatics Messaging Services (AIMS)

A secure, cloud based environment that accelerates the implementation of health

messaging by providing shared services to aid in the transport, validation, translation

and routing of electronic data.


FoundationSince 2008, APHL has maintained a message transport hub service that has the ability to receive, hold, and transmit electronic messages sent from one organization to another. The RnR Hub service routes electronic messages between the CDC, partner laboratories, and public health agencies.


The AIMS Evolution


Big PictureTo better serve and provide affordable, secure message transport and translation for healthcare organizations.


What do we want / need?• Speed and Agility• Elasticity• Low cost of experimentation• Easily deployable solutions

• Security• Compliance• Continuity

Emphasis

S C C


Today


Cloud Computing Reference Architecture


Cloud Service Management


2015 Gartner Cloud Computing Magic Quadrant“AWS is the overwhelming market share leader, with more than five times the compute capacity in use than the aggregate total of the other fourteen providers.”


Amazon Web Services (AWS)• Migrated technology stack to AWS on March 1, 2014

• AIMS is located in the AWS East and West Region

• Robust Continuity of Operations and Disaster Recovery

• Approved for GovCloud


AIMS Functional Architecture


AIMS Functional Architecture


AIMS Technical Architecture


Secure Hosting, Integration and Support

• CDC Platform

• Mirth and Rhapsody Integration Broker

• Reportable Condition Mapping Table ( RCMT )

• Data Innovation Drivers

• ONC Public Health Immunization Data Exchange

• Whole Genome Sequencing with CDC and CLC bio


Transport Protocol Interoperability• PHINMS• Direct• Web Services• SFTP• VPN• S3 SDK API or Clients


AWS Compliance HIPAA-compliant, HITRUST-certified environment on the AWS Cloud. FedRAMP and NIST 800-53 Business Associate Agreement Shared Responsibility Model


Cybersecurity and Compliance• Approved for AWS GovCloud

• System Security Plan (SSP) in place

• Security Assessment (ST&E) and Audit conducted in 2013 by RTI International

• FISMA Moderate Compliance ATO granted in 2013

• FedRAMP certified environment

• Business Associate Agreement in place with AWS

• Version 2 of the SSP is drafted. Testing to commence in Q3 2015

• Next Disaster Recovery Test to occur in Q4 2015

• 3 Successful Penetration Tests


Shared Responsibility Model


Cybersecurity Automated continuous

configuration and monitoring providing

cybersecurity and information assurance

capabilities to information technology environments

on AIMS.


Cybersecurity


Cybersecurity

System Management ToolsCybersecurity

Configuration Management

Monitoring


Cybersecurity: Access• Access via applications and services

• AWS Identity Access Management (IAM)

• AWS Directory Service

• Access via VPN

• Dashboard – Audit Portal

System Access Authorization Request

FIPS 140-2


Cybersecurity: Access – Virtual Desktops


Storage, Backup, Archiving


Big Data

AIMS#2

#3

#4


APHL/CDC Pilot Trumps WGS File Size for Fast Exchange of Flu Data -


Pain Free On-boarding


Our Team

Programs Using AIMSPHLIP

Pandemic Influenza

Meaningful Use

SPHLs involved in the Public Health Laboratory Interoperability Project (PHLIP) use the AIMS Hub to transport Electronic Laboratory Surveillance Messages (ELSM) for Influenza and Vaccine Preventable Diseases to CDC.

The AIMS Hub is used by states to maintain Pandemic Influenza surge capacity to securely exchange electronic test orders and results (ETOR).

The AIMS Hub supports Meaningful Use secure message transport for Syndromic Surveillance, Immunizations, and Electronic Laboratory Results (ELR).

LRNThe Laboratory Response Network (LRN) uses the AIMS Hub to securely transport messages of possible bioterrorism threats.

Programs Using AIMSVPD

NMI

WGS / AMD

The Vaccine Preventable Disease (VPD) program uses four Reference Centers to provide specimen testing for labs that either do not currently provide testing for VPD diseases or want the surge capacity provided by Reference Centers. VPD diseases currently consist of: Measles (Rubeola), mumps, rubella, Varicella Zoster Virus (VZV), pertussis, S. pneumoniae, and H. influenzae.

The Nationally Notifiable Disease Surveillance System (NNDSS) Modernization Initiative (NMI) is an effort to improve the systems and processes used to receive nationally notifiable disease data to provide more comprehensive, timely, and higher quality data than ever before.

Proof of Concept between CDC, Wisconsin, CLC bio, Clarity LIMS to test the secure transport and analysis of WGS data on AIMS.

ELR via AIMS1. California2. Connecticut3. Florida4. Iowa5. Nebraska6. Minnesota7. Mississippi8. Texas9. Kansas10. Maine11. North Carolina12. Utah13. Ohio14. Idaho15. Michigan16. Indiana17. Wisconsin

Cross-jurisdictional Data Exchange


Future


AIMS Technology Roadmap


AIMS Gateway Portalwww.AIMSPlatform.com


AIMS Coverage


Project Highlight: ASTHO RCMT POC• Business Rules

• Triggers• RCMT• Mirth Integration Broker• Alerts via Direct secure messaging


Project Highlight: ONC Immunization Exchange

• Infrastructure Support and Guidance• Hosting• Security• Information Assurance


AIMS Advantages: Simplicity & Reliability

• Shareable Open Source architecture• Centralized processing and message

routing• Monitoring and audit systems• Reduced message transport

complexity• Reduced data translation and

transformation complexity• Reduced development and support

costs

• Flexible capacity infrastructure via AWS

• 5 year authentication certificates• Vocabulary and HL7 Message

Support• Experienced and dedicated tech

support• FISMA Moderate compliant

applications• FedRAMP compliant environment

Healthcare

AIMS Overview